Credential-Stuffing Attacks on Remote Windows Systems Took Off in 2021

Password-guessing became last year's weapon of choice, as attackers attempted to brute-force vulnerable Remote Desktop Protocol (RDP) servers, SQL databases, and SMB file shares. [TechWeb]( Follow Dark Reading: [RSS]( February 11, 2022 LATEST SECURITY NEWS & COMMENTARY [Credential-Stuffing Attacks on Remote Windows Systems Took Off in 2021]( Password-guessing became last year's weapon of choice, as attackers attempted to brute-force vulnerable Remote Desktop Protocol (RDP) servers, SQL databases, and SMB file shares. [Data Transparency Hasn't Made Us Safer Yet. Can It Uncover Breach Causality?]( Advanced machine learning models within an XDR framework could uncover what actually causes breaches, but first we need better data transparency. [Apple Releases Security Update for Webkit Flaw]( A Webkit use-after-free vulnerability in iOS, iPadOS, Monterey, and Safari may already have been exploited, Apple said in a security advisory issued today. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Vulnerability Scanning Triples, Leading to Two-Thirds Fewer Flaws]( Companies are scanning more applications for vulnerabilities — and more often. [7 Privacy Tips for Security Pros]( How best to integrate privacy into your organization's security program. [Log4j: Getting From Stopgap Remedies to Long-Term Solutions]( This pervasive vulnerability will require continued care and attention to fully remediate and detect permutations. Here are some ways to get started. [MORE]( EDITORS' CHOICE [Experts: Several CVEs From Microsoft's February Security Update Require Prompt Attention]( Microsoft's release of relatively sparse vulnerability information makes it difficult for organizations to prioritize mitigation efforts, security experts say. LATEST FROM THE EDGE [Retailers' Offboarding Procedures Leave Potential Risks]( IT teams need to consider unforeseen threats to avoid violating privacy regulations and supplier contracts. LATEST FROM DR TECHNOLOGY [Defense Contractors Need to Check Their Six]( Companies overall met government standards, but poor credential management left vulnerabilities. Tech Resources - [A Modern Approach to Application Security]( - [Hindsight Cybersecurity: Seven Key Lessons Learned by Breach Victims]( - [Sophos 2022 Threat Report]( - [Network Detection and Response: How Reveal(x) Detects Threats]( - [The 2021 Ransomware Survey Report]( - [Security Predictions for 2022 Insights]( - [The Top Emerging Trends in Cryptography for 2022]( [ACCESS TECH LIBRARY NOW]( - [Strategies For Securing Your Supply Chain]( Recent attacks like the zero-day Log4j vulnerability have brought new scrutiny to cyber threats from suppliers and enterprise trading partners. But what does an effective supply-chain security strategy look like? How can you ensure that customers, suppliers, contractors, and ... - [Best Practices for Extending Identity & Access Management to the Cloud]( Managing and securing user credentials was never easy, and now that they are scattered across cloud platforms, software-as-a-service tools, mobile devices, and on-premises systems, the task has become even more complex. With adversaries increasingly targeting their attention to credential theft, ... [MORE WEBINARS]( FEATURED REPORTS - [How Data Breaches Affect the Enterprise]( - [Zero Trust in Real Life]( [MORE REPORTS]( CURRENT ISSUE [How Enterprises Are Assessing Cybersecurity Risk in Today's Environment]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [Orca Security Adds Expanded CIEM Capabilities and Multi-Cloud Security Score to Cloud Platform]( [Titaniam Secures $6 Million in Seed Funding]( [Allure Security Raises $6.8 Million Seed Funding Round]( [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:customerservice_informationhub@techweb.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2022]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:customerservice_informationhub@techweb.com)